The EU General Data Protection Regulation (GDPR) is the most important change indata privacy regulation in 20 years.

After four years of preparation and debate the GDPR was finally approved by the EU Parliament on 14 April 2016.
Enforcement date: 25 May 2018 - at which time those organizations in non-compliance may face heavy fines.

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy. The key articles of the GDPR, as well as information on its business impact, can be found throughout the EUGDPR website.

10 key steps to help NZ marketers comply with GDPR

Marketing Association has done a write-up on
what New Zealand Marketers need to know; head over to their website.

Even businesses without a physical presence in the EU may have to comply with the new rules if they:

sell goods or services to a person who lives in the EU; or

monitor the behaviour of a person who lives in the EU.

The critical factor is the location of the individual (data subject) not the location of the data processor or data controller. We don’t really know how the new regulations will be monitored in countries outside the EU.